Read Time:26 Second

FEDORA-2023-25617e952a

Packages in this update:

tpm2-tss-3.2.2-1.fc37

Update description:

Fixed:

A buffer overflow in tss2-rc as CVE-2023-22745.
The drv layer in tss2-rc should have been the policy layer.
Spec deviation in Fapi_GetDescription caused description to be NULL when it should be empty string.
This is API breaking but considered a bug since it deviated from the FAPI spec.
FAPI: undefined reference to curl_url_strerror when using curl less than 7.80.0.

More Stories

USN-7403-1: Linux kernel (HWE) vulnerabilities

Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker...

USN-7402-2: Linux kernel (Real-time) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7402-1: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

USN-7401-1: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

USN-7392-4: Linux kernel (AWS FIPS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

USN-7392-3: Linux kernel (AWS) vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...